user1083320
Reputation: 1946
Zend ACL allow certain actions
How do I use the Zend ACL to allow access to certain users to some of the actions within a controller? Right now, I only know how to allow a user to access the whole controller, but I want to limit the actions within the controller!
Upvotes: 2
Views: 1905
Answers (1)
James Woodruff
Reputation: 973
To allow/deny access to certain actions, specify them in the allow/deny methods of Zend_Acl.
The third argument in the Zend_Acl::allow() method will only allow you to set access controls to certain actions on a given controller/resource. For example:
<?php
$acl = new Zend_Acl();
// Roles
$guest = new Zend_Acl_Role('guest');
$user = new Zend_Acl_Role('user');
// Register the roles with the Zend_Acl
$acl->addRole($guest);
$acl->addRole($user, 'guest');
// Resources/Controllers
$indexController = new Zend_Acl_Resource('index');
$profileController = new Zend_Acl_Resource('profile');
// Add resources/controllers to the Zend_Acl
$acl->add($indexController);
$acl->add($profileController);
// Now set limits of access to the resources.
// Guests get access to all the actions in the index controller,
// but to only the login and logout actions in the profile controller.
$acl->allow('guest', 'index');
$acl->allow('guest', 'profile', array('login', 'logout'));
// Users get full access to the profile controller
$acl->allow('user', 'profile');
Upvotes: 1
Related Questions
- Zend Framework 2 ACL implementation
- ZF2 ACL -> allow for all actions in controller
- Zend Framework 2 add Acl
- Zend Framework 1 ACL: allow all and deny some
- Zend module specific ACL
- Access control in zend framework
- Zend - controller/action ACL
- PHP, ZF: Zend_Acl for module-controller-action
- Zend-Framework how to detect not extisting action with zend_acl
- Zend-Framework: how we do this without module?